Please report suspected vulnerabilities in Mobbo-owned systems to:

security@mobbo.com

Use a clear subject such as:

Security report: <short summary>

This policy applies to Mobbo-owned products, services, and repositories operated by Big Data Technologies Ltd. It does not grant permission to test third-party systems, customer systems, app-store infrastructure, cloud provider systems, or unrelated domains.

Good-faith reports should include:

• Summary of the issue
• Affected component, repository, endpoint, package, or configuration
• Safe, minimal reproduction steps
• Realistic impact
• Suggested remediation if known
• Reporter contact information

Please avoid sending secrets, customer data, personal data, or destructive proof-of-concept material.

The following are not authorized:

• Social engineering, phishing, spam, or impersonation
• Credential attacks or attempts to access accounts you do not own
• Malware, persistence, evasion, or stealth mechanisms
• Denial-of-service or resource exhaustion
• Data exfiltration or bulk data access
• Physical attacks
• Destructive testing
• Public internet scanning outside explicitly authorized assets
• Testing against production without written approval when staging or local reproduction is possible

Mobbo supports good-faith security research that:

• Is limited to authorized Mobbo-owned assets or explicitly authorized third-party program scopes
• Avoids privacy violations, service disruption, and data destruction
• Reports findings promptly and privately
• Gives Mobbo reasonable time to investigate and remediate

This policy is not permission to violate laws, contracts, or third-party platform rules.